A Rogue Access Point (Rogue AP) is a wireless access point installed on a wired enterprise network without authorization from the network administrator. A Rogue AP may be naively installed by a legitimate user who is unaware of its security implications or it could be deliberately installed as an insider attack. A Rogue AP could also be easily smuggled onto enterprise premises by an outsider. In any case, a Rogue AP poses serious security threat to a wired enterprise network as it provides a wireless backdoor into the enterprise network for outsiders, bypassing all wired security measures such as firewalls and network access control (NAC).
4. Carelessly deployed APs can create backdoor entry for malicious outsiders into the corporate LAN as RF signal spills out of the building, makes WiFi network available for all
6. A trusted WiFi AP can also be turned into Rogue AP This happens because of some bug, or 0’day vulnerability present in the Access Point (AP) software
7. Skyjacking Attack Cisco Lightweight Access Point (LAP) contains a vulnerability that could allow an unauthenticated, remote attacker to convert authorized AP into Rogue by taking full control of it. http://www.slideshare.net/AirTightWIPS/skyjacking-a-cisco-wlan-attack-analysis-and - countermeasures-2047379
8. A Rogue AP can also be running on a trusted client device e.g. laptop
9. Windows 7 Laptop Windows 7 Virtual WiFi Feature Allows a laptop user to run an access point on his/her laptop and simultaneously be connected to another trusted WiFi network through same WiFI client device
10. Windows 7 Rogue AP scenario Even NAC can’t prevent a Rogue AP running on a trusted laptop A laptop is connected to corporate WiFi LAN and also running a virtual AP allowing a malicious outsider to access corporate LAN
11.
12. Can we really restrict Rogue APs from connecting to a corporate network ?
14. Wireless Intrusion Prevention System (WIPS) Detect WiFi misuse and attacks Block WiFi misuse and attacks Locate WiFi devices Monitor Air Space 24x7, 365 days and detect, prevent and locate all types of Rogue APs
15. Eliminate Rogue APs once and for all The Global Leader in Wireless Security Solutions www.airtightnetworks.com Md Sohail Ahmad [email_address] www.rogueap.com